WG Action: Formed Source Address Validation in Intra-domain and Inter-domain Networks (savnet)
The IESG <iesg-secretary@ietf.org> Fri, 17 June 2022 17:35 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 19BC4C14792A; Fri, 17 Jun 2022 10:35:55 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: WG Action: Formed Source Address Validation in Intra-domain and Inter-domain Networks (savnet)
X-Test-IDTracker: no
X-IETF-IDTracker: 8.4.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: The IESG <iesg@ietf.org>, savnet-chairs@ietf.org, savnet@ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <165548735509.60046.13988536170177530998@ietfa.amsl.com>
Date: Fri, 17 Jun 2022 10:35:55 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/YHhkuxYhHDVczDFrcZtQBbvJYkk>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.39
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jun 2022 17:35:55 -0000
A new IETF WG has been formed in the Routing Area. For additional information, please contact the Area Directors or the WG Chairs. Source Address Validation in Intra-domain and Inter-domain Networks (savnet) ----------------------------------------------------------------------- Current status: Proposed WG Chairs: Joel Halpern <jmh@joelhalpern.com> Aijun Wang <wangaijun@tsinghua.org.cn> Assigned Area Director: Alvaro Retana <aretana.ietf@gmail.com> Routing Area Directors: Alvaro Retana <aretana.ietf@gmail.com> John Scudder <jgs@juniper.net> Andrew Alston <andrew-ietf@liquid.tech> Mailing list: Address: savnet@ietf.org To subscribe: https://www.ietf.org/mailman/listinfo/savnet Archive: https://mailarchive.ietf.org/arch/browse/savnet/ Group page: https://datatracker.ietf.org/group/savnet/ Charter: https://datatracker.ietf.org/doc/charter-ietf-savnet/ Source address validation (SAV) is one important way to mitigate source address spoofing attacks in the data plane. Therefore, it is desirable to deploy SAV in intra-domain and inter-domain networks. However, existing SAV mechanisms like uRPF-related technologies may improperly permit spoofed traffic or block legitimate traffic. The "Source Address Validation in Intra-domain and Inter-domain Networks (SAVNET)" working group will define routing-protocol-independent architectures and procedures to accurately determine the valid incoming router interfaces for specific source prefixes. The accuracy of the new SAV mechanisms is expected to improve upon the current ones. The WG will not work on extending existing mechanisms. The scope of the SAVNET WG includes the SAV function for both intra-domain and inter-domain networks and the validation of both IPv4 and IPv6 addresses. The WG will address intra-domain solutions first and focus on routing protocol- based mechanisms. SAVNET should avoid packet modification in the data plane. Existing control and management plane protocols should be used within existing architectures to implement the SAV function. Any modification of or extension to existing architectures or control or management plane protocols must be carried out in the working groups responsible for them and in coordination with this working group. The SAVNET WG is chartered for the following list of items: (1) Problem Statement, Use Cases, and Requirements This document should include an analysis of the current solutions and their limitations. This item may require one document to address intra-domain SAV and another to address inter-domain SAV. This document may not necessarily be published as an IETF Stream RFC, but may be maintained in draft form or on a collaborative Working Group space to support the efforts of the Working Group and help newcomers. (2) SAVNET Architecture Documents This item requires one document to address intra-domain SAV and another to address inter-domain SAV. Each document must describe the conditions under which the architecture can improve accuracy or performance with respect to existing SAV mechanisms without assuming pervasive adoption. Each document must also include a privacy analysis, the threat model addressed by the proposed architecture, and a comparison to existing SAV mechanisms. (3) Definition of routing protocol-independent operation and management mechanisms to operate and manage SAV-related configurations. After the WG has reached consensus on each item, a discussion about whether it is appropriate to continue with further work must occur. The discussion can consider topics related to the accuracy of the mechanism and the types of attacks it can prevent. The WG Chairs will define the specific criteria and determine that rough consensus to work further has been reached. The WG may be rechartered or closed if rough consensus is not reached. The SAVNET WG will coordinate and collaborate with other WGs as needed. Specific interactions may include (but are not limited to): * lsr for OSPFv2, OSPFv3 and IS-IS extensions * idr for BGP extensions * lsvr for BGP SPF extensions * rift for RIFT extensions Each of these other WGs can independently determine the applicability and priority of SAV to their deployments. Milestones: Nov 2022 - Adopt the Problem Statement, Use Cases, and Requirements document Jul 2023 - Adopt the Intra-Domain Architecture document Mar 2024 - Submit the Intra-Domain Architecture document to the IESG for publication Mar 2024 - Adopt operations and management for Intra-domain networks document Mar 2024 - Adopt the Inter-Domain Architecture document Jul 2024 - Submit operations and management for Intra-domain networks document to the IESG for publication Nov 2024 - Submit the Inter-Domain Architecture document to the IESG for publication Nov 2024 - Adopt operations and management for Inter-domain networks document Mar 2025 - Submit operations and management for Inter-domain networks document to the IESG for publication